package com.dongdongshop.shiro;

import com.alibaba.dubbo.config.annotation.Reference;
import com.dongdongshop.pojo.TbUser;
import com.dongdongshop.service.TbUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

//授权类
public class LoginUserRealm extends AuthorizingRealm {

    @Reference
    private TbUserService tbUserService;

    //授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("进入授权方法");
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("进入登陆认证方法");
        UsernamePasswordToken token =  (UsernamePasswordToken)authenticationToken;
        TbUser tbUser = tbUserService.selectByid(token.getUsername());
        if(tbUser == null){
            return null;
        }
        return new SimpleAuthenticationInfo(tbUser,tbUser.getPassword(), ByteSource.Util.bytes(tbUser.getSalt()),tbUser.getUsername());//需要最少三个参数
    }
}
